From f5b24e7977b5e453bde40b52f1cf7bbc1bb67ae2 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Thu, 26 Dec 2019 23:24:40 +0100
Subject: base role supports openbsd now too

---
 roles/base/tasks/main.yml | 135 ++++------------------------------------------
 1 file changed, 11 insertions(+), 124 deletions(-)

(limited to 'roles/base/tasks/main.yml')

diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index 3f1d9bee..5484a3a6 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -1,72 +1,15 @@
 ---
-- name: load distrubtion specific variables
-  include_vars: "{{ item }}"
-  with_first_found:
-    - files:
-        - "{{ ansible_distribution_release }}.yml"
-        - "{{ ansible_distribution }}.yml"
-      skip: true
-
-- name: disable recommends and suggests
-  copy:
-    src: 02no-recommends
-    dest: /etc/apt/apt.conf.d/
-
-- name: install base system tools
-  apt:
-    name:
-    - htop
-    - dstat
-    - lsof
-    - gawk
-    - psmisc
-    - less
-    - debian-goodies
-    - screen
-    - mtr-tiny
-    - tcpdump
-    - iptraf-ng
-    - unp
-    - dbus
-    - libpam-systemd
-    - aptitude
-    - ca-certificates
-    - file
-    - man-db
-    - manpages
-    - nano
-    state: present
-
-
-- name: install rngd
-  when: base_entropy_generator == 'rngd'
-  block:
-  - name: install rngd
-    apt:
-      name: "{{ base_rngd_package_name }}"
-      state: present
-
-  - name: make sure haveged is removed/purged
-    apt:
-      name: haveged
-      state: absent
-      purge: yes
-
-
-- name: install haveged
-  when: base_entropy_generator == 'haveged'
-  block:
-  - name: install haveged
-    apt:
-      name: haveged
-      state: present
-
-  - name: make sure rngd is removed/purged
-    apt:
-      name: "{{ base_rngd_package_name }}"
-      state: absent
-      purge: yes
-
+- name: load os/distrubtion/version specific tasks
+  vars:
+    params:
+      files:
+      - "{{ ansible_distribution_release }}.yml"
+      - "{{ ansible_distribution }}.yml"
+      - "{{ ansible_os_family }}.yml"
+  loop: "{{ q('first_found', params) }}"
+  loop_control:
+    loop_var: tasks_file
+  include_tasks: "{{ tasks_file }}"
 
 - name: Remove startup message from screen
   lineinfile:
@@ -93,59 +36,3 @@
   copy:
     src: "{{ global_files_dir }}/common/htoprc"
     dest: "{{ item }}/.config/htop/"
-
-- name: Ensure /root is not world accessible
-  file:
-    path: /root
-    mode: 0700
-    owner: root
-    group: root
-    state: directory
-
-- name: disable net/fs/misc kernel modules
-  loop: "{{ modules_blacklist.net | union(modules_blacklist.fs) | union(modules_blacklist.misc) }}"
-  lineinfile:
-    dest: /etc/modprobe.d/disablemod.conf
-    line: "install {{ item }} /bin/true"
-    create: yes
-    owner: root
-    group: root
-    mode: 0644
-
-- name: Change various sysctl-settings, look at the sysctl-vars file for documentation
-  loop: "{{ sysctl_config | combine(sysctl_config_user) | dict2items }}"
-  loop_control:
-    label: "{{ item.key }} = {{ item.value }}"
-  sysctl:
-    name: "{{ item.key }}"
-    value: "{{ item.value }}"
-    sysctl_set: yes
-    state: present
-    reload: yes
-    ignoreerrors: yes
-
-- name: install extra packages
-  apt:
-    name: "{{ base_packages_extra_host | union(base_packages_extra_group) }}"
-    state: present
-
-- name: set kernel command line options
-  lineinfile:
-    path: /etc/default/grub
-    regexp: '^#?GRUB_CMDLINE_LINUX='
-    line: 'GRUB_CMDLINE_LINUX="{{ install.kernel_cmdline | join(" ") }}"'
-  when: install is defined and install.kernel_cmdline is defined
-  notify: update grub
-
-- name: disable TSO (intel nic stability fix)
-  when: base_intel_nic_stability_fix
-  copy:
-    content: |
-      [Match]
-      MACAddress={{ ansible_default_ipv4.macaddress }}
-
-      [Link]
-      TCPSegmentationOffload=false
-      GenericSegmentationOffload=false
-      GenericReceiveOffload=false
-    dest: /etc/systemd/network/00-disable-offloading.link
-- 
cgit v1.2.3